[原文]Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
Cisco IOS Authentication Proxy for FTP/Telnet Remote Overflow
Remote / Network Access
Denial of Service,
Loss of Integrity,
Loss of Availability
A remote overflow exists in Cisco IOS. The Firewall Authentication Proxy for FTP and/or Telnet Sessions fails to perform proper bounds checking resulting in a buffer overflow. With specially crafted user authentication credentials, a remote attacker can cause the device to reload resulting in a loss of availability.
Currently, there are no known workarounds or upgrades to correct this issue. However, Cisco has released a patch to address this vulnerability.